mirrors/electron
2
0
Fork 0
Code Issues Pull requests Projects Releases Packages 1 Wiki Activity Actions 1

build: upgrade to asar@^1.0.0 (#17061)

Browse source 
* build: upgrade asar to ^1.0.0

This is to remove a transitive security vulnerability.
The API changed from callbacks to Promises, so `script/gn-asar.js`
needed to be changed.

* build: add klaw to package.json

`klaw` is used in `script/lint.js`, but it was a transitive dependency.

* build: add fs-extra to package.json

`fs-extra` is used in `script/gn-asar.js`, but it was a transitive
dependency.
This commit is contained in:
Mark Lee 2019-02-25 18:25:00 -08:00 committed by Samuel Attard
parent 30213089ae
commit 7a7389ab1c
3 changed files with 89 additions and 153 deletions
Download patch file Download diff file Expand all files Collapse all files

10
script/gn-asar.js
View file

@ -51,11 +51,9 @@ try {
}
// Create the ASAR archive
asar.createPackageWithOptions(tmpPath, out[0], {}, (err) => {
fs.removeSync(tmpPath)
if (err) {
asar.createPackageWithOptions(tmpPath, out[0], {})
.catch(err => {
fs.removeSync(tmpPath)
console.error('Unexpected error while generating ASAR', err)
process.exit(1)
}
})
}).then(() => fs.remove(tmpPath))